mirror of
https://github.com/documenso/documenso.git
synced 2025-11-13 08:13:56 +10:00
5210fe2963
## Description Add support to login with passkeys. Passkeys can be added via the user security settings page. Note: Currently left out adding the type of authentication method for the 'user security audit logs' because we're using the `signIn` next-auth event which doesn't appear to provide the context. Will look into it at another time. ## Changes Made - Add passkeys to login - Add passkeys feature flag - Add page to manage passkeys - Add audit logs relating to passkeys - Updated prisma schema to support passkeys & anonymous verification tokens ## Testing Performed To be done. MacOS: - Safari ✅ - Chrome ✅ - Firefox ✅ Windows: - Chrome [Untested] - Firefox [Untested] Linux: - Chrome [Untested] - Firefox [Untested] iOS: - Safari ✅ ## Checklist <!--- Please check the boxes that apply to this pull request. --> <!--- You can add or remove items as needed. --> - [X] I have tested these changes locally and they work as expected. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - **New Features** - Introduced Passkey authentication, including creation, sign-in, and management of passkeys. - Added a Passkeys section in Security Settings for managing user passkeys. - Implemented UI updates for Passkey authentication, including a new dialog for creating passkeys and a data table for managing them. - Enhanced security settings with server-side feature flags to conditionally display new security features. - **Bug Fixes** - Improved UI consistency in the Settings Security Activity Page. - Updated button styling in the 2FA Recovery Codes component for better visibility. - **Refactor** - Streamlined authentication options to include WebAuthn credentials provider. - **Chores** - Updated database schema to support passkeys and related functionality. - Added new audit log types for passkey-related activities. - Enhanced server-only authentication utilities for passkey registration and management. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
54 lines
1.5 KiB
TypeScript
54 lines
1.5 KiB
TypeScript
import { env } from 'next-runtime-env';
|
|
|
|
import { APP_BASE_URL, WEBAPP_BASE_URL } from './app';
|
|
|
|
const NEXT_PUBLIC_FEATURE_BILLING_ENABLED = () => env('NEXT_PUBLIC_FEATURE_BILLING_ENABLED');
|
|
const NEXT_PUBLIC_POSTHOG_KEY = () => env('NEXT_PUBLIC_POSTHOG_KEY');
|
|
|
|
/**
|
|
* The flag name for global session recording feature flag.
|
|
*/
|
|
export const FEATURE_FLAG_GLOBAL_SESSION_RECORDING = 'global_session_recording';
|
|
|
|
/**
|
|
* How frequent to poll for new feature flags in milliseconds.
|
|
*/
|
|
export const FEATURE_FLAG_POLL_INTERVAL = 30000;
|
|
|
|
/**
|
|
* Feature flags that will be used when PostHog is disabled.
|
|
*
|
|
* Does not take any person or group properties into account.
|
|
*/
|
|
export const LOCAL_FEATURE_FLAGS: Record<string, boolean> = {
|
|
app_billing: NEXT_PUBLIC_FEATURE_BILLING_ENABLED() === 'true',
|
|
app_document_page_view_history_sheet: false,
|
|
app_passkey: WEBAPP_BASE_URL === 'http://localhost:3000', // Temp feature flag.
|
|
marketing_header_single_player_mode: false,
|
|
marketing_profiles_announcement_bar: true,
|
|
} as const;
|
|
|
|
/**
|
|
* Extract the PostHog configuration from the environment.
|
|
*/
|
|
export function extractPostHogConfig(): { key: string; host: string } | null {
|
|
const postHogKey = NEXT_PUBLIC_POSTHOG_KEY();
|
|
const postHogHost = `${APP_BASE_URL()}/ingest`;
|
|
|
|
if (!postHogKey || !postHogHost) {
|
|
return null;
|
|
}
|
|
|
|
return {
|
|
key: postHogKey,
|
|
host: postHogHost,
|
|
};
|
|
}
|
|
|
|
/**
|
|
* Whether feature flags are enabled for the current instance.
|
|
*/
|
|
export function isFeatureFlagEnabled(): boolean {
|
|
return extractPostHogConfig() !== null;
|
|
}
|